First Last Prev Next    This bug is not in your last search results.
Bug 48356 - Undistributable mail/univention-antivir-mail/*.cvd
Undistributable mail/univention-antivir-mail/*.cvd
Status: NEW
Product: UCS
Classification: Unclassified
Component: clamav
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: Mail maintainers
Mail maintainers
:
Depends on: 42348
Blocks:
  Show dependency treegraph
 
Reported: 2018-12-14 16:59 CET by Philipp Hahn
Modified: 2022-01-05 16:22 CET (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): License
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2018-12-14 16:59:42 CET 
debian/copyright claims them to be copied from ClamAV, which is GPL, which is incompatible with our AGPL:
<https://en.wikipedia.org/wiki/Affero_General_Public_License#Compatibility_with_the_GPL>

current ClamAV only contains empty files.

In Debian the files were last included in Debian-Lenny in non-free and got removed:
<https://tracker.debian.org/pkg/clamav-data>

They are nearly useless as they are severely out-of-date:
daily.cvd: Clam AntiVirus database 15 Jul 2012 18-46 -0400, version 1513, gzipped
main.cvd:  Clam AntiVirus database 11 Oct 2011 10-34 -0400, version 54, gzipped
Comment 2 Philipp Hahn univentionstaff 2022-01-05 16:16:09 CET 
# zless /usr/share/doc/clamav/NEWS.Debian.gz
> clamav (0.97.5+dfsg-1) unstable; urgency=medium
>
>   This release of clamav no longer ships signature files in clamav-base so
>   no signatures are available until after freshclam has run and downloaded
>   them.  This is an upstream change.
>
>  -- Scott Kitterman <scott@kitterman.com>  Fri, 15 Jun 2012 11:39:26 -0400

# ls -l /var/lib/clamav/
> -rw-r--r-- 1 clamav clamav    293670 Jan  5 14:37 bytecode.cvd
> -rw-r--r-- 1 clamav clamav        69 Jan  5 14:37 freshclam.dat
> -rw-r--r-- 1 clamav clamav 180535296 Jan  5 14:37 daily.cld
these are the newly fetched files from `freshclam`

> -rw-r--r-- 1 root   root     5522500 Jan  5 14:37 daily.cvd
> -rw-r--r-- 1 root   root    30750647 Jan  5 14:37 main.cvd
these are the outdated filed from univention-antivar.
Also note that the files are owned by "root:root" while "freshclam" is running as "clamav:clamav"; that might cause additional issues.

"daily.cld" is uncompressed while "daily.cvd" is compressed; the former is actually used and constantly updated using the CDIFF mechanism: <https://blog.clamav.net/2021/03/clamav-cvds-cdiffs-and-magic-behind.html>

Please note that our configuration might need an update as ClamAV switched to cloudflare.net as CDN, but this one is rate-limited:
<https://www.mail-archive.com/clamav-users@lists.clamav.net/msg50480.html>

Also note that `clamconf -n` reports a WARNING due to a trailing slash:
> WARNING: freshclam.conf and clamd.conf point to different database directories
# grep --color -n ^DatabaseDirectory /etc/clamav/*.conf
/etc/clamav/clamd.conf:26:DatabaseDirectory /var/lib/clamav
/etc/clamav/freshclam.conf:20:DatabaseDirectory /var/lib/clamav/
Comment 3 Daniel Tröder univentionstaff 2022-01-05 16:22:54 CET 
(In reply to Philipp Hahn from comment #2)
> these are the newly fetched files from `freshclam`
> 
> > -rw-r--r-- 1 root   root     5522500 Jan  5 14:37 daily.cvd
> > -rw-r--r-- 1 root   root    30750647 Jan  5 14:37 main.cvd
> these are the outdated filed from univention-antivar.
> Also note that the files are owned by "root:root" while "freshclam" is
> running as "clamav:clamav"; that might cause additional issues.

That problem is being fixed in bug 54070.
First Last Prev Next    This bug is not in your last search results.